Again, only user <-> group, no user <-> user or group <-> group. Try these
steps:
1. Go to Administration, make sure user and group have access to phpwebhosting
2. Administration -> User groups -> Edit group -> ACL icon next to phpwebhosting
3. For the user in question, check the boxes for Read and Add, submit
4. Log in as user, go Up to /home, then into the group's directory
5. Upload a file, should work
6. Edit the file, it should work until you try to Save it, in which case an
error message is displayed
7. Delete the file, shouldn't work
The above works fine for me on a fresh 0.9.14 install + the one-liner patch.

Following your directions now I see this kind of sharing is working fine.

The function that controls ACL access is vfs->acl_check (). Functions such as vfs->read
(), vfs->write (), vfs->rm (), etc. call vfs->acl_check () with PHPGW_ACL_READ,
PHPGW_ACL_EDIT, PHPGW_ACL_DELETE, etc. phpwebhosting doesn't handle much of anything itself,
it relies on the VFS to do the checking.

These checkings done in VFS allow very trustable applications.

Things that you could add if you wanted:
* Respect ACL setting in setup
* Make acl_check () work for user <-> user and group <-> group
Both of these should be pretty easy, I'll add them when I get the chance, but
you're welcome to beat me to it :)